Standards in desktop firewall policies
Phil Kostenbader, CISSP, and Bob Donnelly, CISM, CISSP

Standards in desktop firewall policies 2006-06-12
Anonymous
Good, but the author forgets to mention the one reason why you should have a desktop firewall, even if the client is connected behind the corporate firewall:

Isolation.

You isolate all other clients in the network from a mobile that may have been exposed to a public or maybe a customer network ...

Standards in desktop firewall policies 2006-06-12
Todd Knarr (1 reply)
I'd question the "old school" policy you described. I learned firewall policy 15+ years ago, which I think qualifies as "old school", and the rule then was default-deny: anything without an explicit allow rule is blocked. What you describe as old-school sounds to me like the relatively recent policy...

implicit allow all not blocked... 2007-01-03
brl
is not necessarily only a MS Windows-caused phenomenon. Not that Redmond is w/o a hand in this; do you recall the "network is the computer" version of The Road Ahead before it was revised to embrace the Internet?

Unfortunately, I have seen several sites have to resort to this default open policy...

Standards in desktop firewall policies 2006-07-03
Anonymous
Picky I know, but "Microsoft Windows doesn't support passive mode" is wrong. To the best of my knowledge it has always supported passive mode when browsing to an FTP url and XP, at least, supports the "quote PASV" command in the DOS FTP client.

Also in your example at the end of Page 1, you stat...

Standards in desktop firewall policies 2006-07-07
Anonymous
You shouldn't block outgoing ICMP or else you could break PMTU....

Standards in desktop firewall policies 2006-07-14
Jim
I would be interested in hearing the experiences with "context aware" policies (called "adaptive" by some vendors). The thought is implement a minimal policy for "off-site" (perhaps only allowing VPN access back to corporate and a few company-sanctioned web services) and a more open one for the corp...

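An added example, not from the article or from any of the commenters, that ties the threads above together: a small Python evaluator of a default-deny desktop policy of the kind Todd Knarr describes, which switches between a minimal off-site rule set and a wider on-site one in the "context aware" style Jim asks about, while keeping inbound ICMP type 3 allowed so Path MTU discovery is not broken. All addresses, ports and rules are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    direction: str       # "in" (to this host) or "out" (from this host)
    proto: str           # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dport: int = 0       # destination port for tcp/udp
    icmp_type: int = -1  # ICMP type for icmp

# Constructed addresses: an RFC 1918 corporate LAN and a TEST-NET VPN gateway.
CORP_NET = ip_network("10.0.0.0/8")
VPN_GW = ip_network("203.0.113.10/32")
ANY = ip_network("0.0.0.0/0")

# Rules are (direction, proto, remote network, dport or ICMP type). A packet that
# matches no rule is dropped: default-deny. Replies to connections this host
# opened are assumed to be handled by state tracking, which is not modelled.
# Inbound ICMP type 3 (destination unreachable, which carries "fragmentation
# needed") is allowed in both contexts so Path MTU discovery keeps working.
PMTU_RULES = [("in", "icmp", ANY, 3)]

OFFSITE_RULES = PMTU_RULES + [
    ("out", "udp", VPN_GW, 1194),   # only the VPN back to corporate
    ("out", "tcp", VPN_GW, 443),
]
ONSITE_RULES = PMTU_RULES + [
    ("out", "tcp", ANY, 80),
    ("out", "tcp", ANY, 443),
    ("out", "udp", CORP_NET, 53),
    ("in", "tcp", CORP_NET, 3389),  # remote administration from the LAN only
]

def select_policy(local_ip: str) -> list:
    """Context detection: an address inside CORP_NET means we are on-site."""
    return ONSITE_RULES if ip_address(local_ip) in CORP_NET else OFFSITE_RULES

def allowed(pkt: Packet, rules: list) -> bool:
    """Return True only when an explicit allow rule matches (default-deny)."""
    remote = ip_address(pkt.src if pkt.direction == "in" else pkt.dst)
    key = pkt.icmp_type if pkt.proto == "icmp" else pkt.dport
    return any((d, p) == (pkt.direction, pkt.proto) and remote in net and port == key
               for d, p, net, port in rules)

def evaluate(local_ip: str, pkt: Packet) -> bool:
    """Pick the policy for the current network context, then evaluate."""
    return allowed(pkt, select_policy(local_ip))
```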
Copyright 2009, SecurityFocus